Iran on the Day to End Mass Surveillance
This was originally posted in Global Voices Advocacy.
The revelations surrounding the surveillance practices of the NSA and other Western government intelligence agencies may have made 2013 the year the Internet lost its innocence within democratic states. But this state of perpetual, pervasive surveillance has long been part of everyday life within the Islamic Republic of Iran. While security and privacy concerns have recently become a mainstream concern in the Western world, Iranians have long known the risks of sharing information through communications technologies.
Shunood, the term most often used for surveillance in Farsi, comes from the word shenidan, which means to listen. Relatedly, surveillance within Iran is commonly associated with the wiretapping of phones — a common practice within Iran since the introduction of the technology to the country. In July 2013, the outspoken Parliamentarian Ali Motahari discovered his office had been bugged with recording devices — many suspected the devices were installed by Iran’s previous hard-line Minister of Intelligence. In recent years, advances in communication technologies have changed the state’s surveillance apparatus. From data mining and eavesdropping through the ultra pervasive Deep Packet Inspection (DPI) method, to control over meta-data collected by telecommunication companies, and physical wiretapping (which is the most popular method inside Iran), researchers have identified various digital surveillance methods.
During and after the Green Movement of 2009, security researcher Chris Parsons and Iran ICT expert Mahmood Tajalli Mehr found strong evidence suggesting that sophisticated surveillance technologies were used for DPI by the government during this period. Tebyan Zanjan, an Iranian website covering ICT news, has reported on different methods of government data collection, from DPI to telephone wiretapping, further illustrating the government’s surveillance capabilities.
In sum, it is common knowledge among Iranians that if the state can, it will spy on its citizens.
Two important legal standards exist for surveillance practices. Both call for due process in instances when the state engages in surveillance. Article 25 of the Constitution indicates:
The inspection of letters and the failure to deliver them, the recording and disclosure of telephone conversations, the disclosure of telegraphic and telex communications, censorship, or the willful failure to transmit them, eavesdropping, and all forms of covert investigation are forbidden, except as provided by law.
At the same time, Article 104 of Iran’s Criminal Code of Procedure for Public and Revolutionary Courts states:
In cases where there is a need to inspect and detect mailing, telecom, audio and visual correspondences related to the accused, in connection with investigation of a crime, the judge will inform the respective officers to confiscate [these materials] and send them to him or her. Once they are received, they will be presented to the accused, noted in the minutes, and attached to the file after being signed by the accused. Refusal of the accused to sign will be noted in the minutes and in case the items are not of relative importance, and if the confiscation is not necessary, they will be returned to the owner obtaining an acknowledgment of receipt.
While laws exist to protect the privacy of individuals, there is a dissonance between the laws and practices of the state. These protections are often lost between the many different authorities who administer these practices within a complex, larger government apparatus, with various Ministries and organizations of different branches involved. The central entity involved in mass data collection from communications technology is the Telecommunications Company of Iran (TCI), or Mokhaberat in Farsi. This organization falls under the jurisdiction of the Ministry of Information Communication Technology (ICT), but maintains private shareholders. While there are conflicting reports concerning the precise nature of the influence of Iran’s Revolutionary Guards over the TCI, it is widely known that they own the greatest shares of the TCI, placing this body in the hands of an entity accountable only to the Supreme Leader. Although often difficult to prove, many experts suspect these shareholders are associated with elements within Iran’s Revolutionary Guards (IRGC).
The Ministry of Intelligence, the IRGC, FETA (Iran’s Cyber Police), Ministry of Defense, Ministry ICT, the Passive Defense Organization (PDO), and the Supreme Council for Cyberspace (SCC) are all involved in the country’s surveillance regime, but they are often accountable to different authorities and represent different motivations and ideologies, ranging from hard-line elements in the opposition to reformist or moderate influences within the elite. Statements at various times, and by different members of the government often support the practise of state surveillance against citizens without due process. During the previous administration of Mahmood Ahmadinejad, the Minister of ICT clarified that communications, including text messages and emails were subject to surveillance upon approval from the Supreme National Security Council.
On February 11, when the world takes a stand for privacy rights in the wake of Edward Snowden’s NSA leaks, we should not forget the practices that have always existed, and continue to prosecute and imprison Iranians. While we stand up against countries like the United States, Canada, and the UK for their violations of our privacy rights, ASL19 urges the world not to forget the circumstances in a country that does not require revelations to reveal the unjust state of privacy and human rights.